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Description 




Method ana system for paying for goods or services 



* The present invention relates to a method for 

securely paying for goods or services using a mobile 

radio device and a base telecommunication station which 

communicates with the mobile radio device TTiearrs — ©f 

preset * 
electromagnetic waves. The invention also relates to a 

system for paying for goods or services. 

^ ^^p^^Zonventionally , goods in a shop, for example, 
are paid for in cash, with a ^cheque or electronically 
using a credit card or a card issued by a financial 
institution specifically for this purpose. A 
disadvantage of such methods of payment is that the 
purchaser must carry either cash or specific cards. 

There is also the option of using so-called 
telephone banking methods to make transfers by 
telephone. To do this, the user dials up his financial 
institution's telecommunication device, for example. 
Next, the person wishing- to make the transfer is 
authenticated for security reasons. If the user turns 
out to be authorized to make the appropriate transfers, 
the user transmits the data required for the transfer. 
The data can be communicated to another person^ 
associated with the financial institution^ by speaking 
to him, for example. It is also possible for the user's 
telephone to transmit to the financial institution' s 
telecommunication device short messages containing all 
the data required for the transfer. The financial 
institution can then make the transfer on the basis of 
these short messages. 

To transmit personal information . or access 
authorization information securely, the appropriate 
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data arrer encrypted before transmission. Encryption, 
often -aJrs©- called scrambling, is understood ^-o— mean the 
conversion of data into an unreadable form. Both 
encryption and decryption virtually always require some 
5 secret information, which is usually referred to as a 
key . 

In a symmetrical encryption method, the same 
key is used both for scrambling and for unscrambling. 
The DES (Data Encryption Standard) is part, of the 

10 symmetrical encryption method. In this method, 
transformation of the original text into the scrambled 
text .com prises a succession of mathematical operations 
such as permutations, nonlinear substitutions and 
logical product formations. In this context, a key 

15 which is individual to the user is used. 

Asymmetrical encryption methods constitute the 
opposite of the symmetrical methods. In this case, 
different keys are used for scrambling and 
unscrambling, the nature of ^aid keys being such that 

20 data which have been scrambled using one key can be 

A 

unscrambled again only using the other key. 

Telephone banking methods eao- also be carried 
out using mobile radio devices, such as mobile 
telephones. Mobile telephones based on the GSM standard 
25 .comprioc , firstly, the actual telephone with input and 

A 

display devices^ and, secondly, a so-called SIM card 
having a personal identification number (PIN) stored in 
encrypted form. However, it is also possible to have 
the SIM card carry out additional applications which 
30 need to satisfy high levels of security requirements. 
(SIM Application Tool Kit, GSM 11.14). The data 
required for a transfer can be entered using the input 
device on the mobile telephone. The mobile telephone's 
SIM card can then be used for authentication 
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required specifically for the transfer. Access to these 
offered items is made possible by novel technology. For 
this purpose, the user requires a mobile radio 
telephone with an integrated SIM Toolkit and a SIM card 
which supports the new added-value functions . To get to 
the virtual bank counter, the customer switches on his 
mobile telephone, enters the PIN number and selects his 
financial institution from the menu. Once the mobile 
radio telephone has dialed up the bank's server, the 
user can access his bank account within a few seconds. 

In addition, so-called CTS (Cellular _ Telephony 
System) applications are known. Such systems -Gomj^r-dr&e a 

A 

base station and a mobile telephone for domestic use. 
The base station receives the associated mobile 
telephone's calls internally free of charge and 
forwards them to the landline network. ~VW,re, s 

An 

- The object of the present invention is to 
provide a method and a system for securely paying for 
goods or services which is simple, secure and 
inexpensive for the purchaser and the vendor. 

The -invention achi^r^s this object by means of 
a method having thev f^tfEures of claim 1 and by a system 




having the feat 
refinements 



of claim 16, with advantageous 
developments being found in the 



paying 



dependenj^claims . 

J >pccif lc-ally, 1 Llie — inventive method for 
A 

for goods or services using a mobile radio device and a 

% 

base telecommunication device, which communicates with 

A yJ\C( 

the mobile radio device ja^— mca - ns — e^- electromagnetic 
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^ba^fe- the base tele- 



35 



communication station transmits data required for 
payment to the mobile radio device, the mobile radio 
device asks the user for confirmation for the payment, 
after the confirmation, the mobile radio device 
performs a payment operation 



GR 98 P 2643 Foreign version 

- 4 - 

by transmitting payment instruction data, and the 

mobile radio device or the telecommunication device of 

a financial institution or bill issuer transmits 

acknowledgement data for the radio payment operation to 

the base telecommunication station. 

l. An advantage of the method according to the 

invention is that it is particularly simple, since the 

data required for payment ^-a^e- automatically transmitted 

to a purchaser's mobile radio device, so that the 

vendor does not need to inform the purchaser of ^ the - o© 

data. In addition, the method satisfies the same 

security requirements as telephone banking methods 

using mobile telephones. The security standards 

developed in this context can be adopted directly, 

which will contribute to a high level of acceptance for 

the method annnrdi ng to the invention. Since, xn 

addition, the mobile radio device or the 

telecommunication device of a financial institution of 

the purchaser transmits acknowledgement data for the 

radio payment operation to the vendor' s base 

telecommunication station, it is no longer absolutely 

essential for a vendor to be present in person, which 

erf pre* (^\- 

is why the method ^-GG erding — tre- the invention affords 

considerable opportunities for reducing costs and is 

also suitable for. vending machines. 

Within the scope of the present invention, 

information or data -&a4^ also be transmitted in the form 

of short messages, messages, or using one or more data 

packets. The mobile radio device and the base 

telecommunication station «a& also communicate on the 

A 

basis of a mobile radio standard, such as the GSM 

standard, a cordless standard, the Bluetooth standard, 

an infrared standard, such as the IrDA standard, or a 

future standard based. on a CDMA method- 
it n tTJ?ci » n V • . . 
i In one — 3?erflnemeTrt of the method according to 

the invention, when performing the payment operation, 

A 

the mobile radio device can communicate directly with a 
telecommunication device of a financial 
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institution or of a bill issuer, for example on the 

basis of a mobile radio standard, such as the GSM 

standard. On the other hand, when performing the 

payment operation, the mobile radio device can transmit 

5 the payment instruction data to the base 

telecommunication station, which then transmits thps^. 

.i 

data to a telecommunication device of the financial 

\ 

institution or of the bill issuer via a landline 
network connection or on the basis of a mobile radio 
10 standard, such as the GSM standard. In addition, the 
mobile radio device and the base telecommunication 
station can communicate using infrared radiation. 
q An advantage of the latter . option is that it is 

;S particularly inexpensive, since only the low-priced 

15 charges of the landline network accrue. Even with the 
SJ . first option of direct communication between the mobile 

^ radio device and the telecommunication device of the 

H financial institution, the telephone charges are also 

generally lower than credit card commissions, for 
yj 20 example, which means that the method according to the 

invention is particularly inexpensive both for the 

SU A 

ft purchaser and for the vendor in this case. — t^e-. 

: :c=f L°> 
H If the data required for payment ^-a-re- not in the . 

ft format which is required for the radio payment 

25 operation, the data received from the base 

telecommunication station can be converted by the 

mobile radio device into a format which is suitable for 

a radio payment operation before transmission. 

Advantageously, the user of the mobile radio 

30 device is authenticated before the step . of performing 

the payment . operation. This authentication can be 

performed try means o* the entry of a personal 

^ identification number or -by mean s e£- biometric 

A 

_ features. This measure ensures that the user of the 

35 mobile radio device is actually authorized to initiate 
the payment operation. In this context, the use of 
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a personal identification number or the use of 
biometric features satisfy very high levels of security 
requirements. 

In addition, in one advantageous refinement of 
the method according to the invention, an electronic 

A 

cash register can transmit the data required for 
payment to the base telecommunication station. This 
further simplifies and automates the payment operation, 
which makes the method according to the invention even 

A 

simpler and more inexpensive. 

The data required for payment can ^OQmpri - g e, by 
way of example, the sum of money which is to be paid 
and/or the account number and/or bank sort code . of the 
recipient and/or of the purpose of use, such as the 
bill number. 

The inventive system for paying for goods or 

services ~eefttpxisei5~ a base telecommunication station 

having a radio device for transmitting data required 

for payment to a mobile radio device and for receiving 

data from the mobile radio device, the mobile radio 

device having a reception device for receiving the data 

transmitted by the base telecommunication station, an 

interrogation device, connected to the reception 

device, for requesting confirmation for the payment, 

and a transmission device, connected to the 

interrogation device, for transmitting data for a 

payment operation and for transmitting acknowledgement 

data for the radio payment operation to the base 

telecommunication station. 

^trat.ive embodiments of the invention are 

now explained witlir'S'feJie.nce to the appended drawings. 

Figure 1 shows a first illustrative embodiment 

of the present invention^ a 0 

Figure 2 shows a second illustrative embodiment 

e 

of the present invention^ and 
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Figure 3 is a schematic illustration of the 
desi gn of the mobile radio device. 

The text below explains illustrative 
embodiments of the inventive system for paying for 
goods or services. In this illustrative embodiment, the 
inventive system is intended to be installed in the 
shop of a vendor, the purchaser paying for goods using 
a mobile radio device in the inventive system. 

In variant embodiments of the ^invention, data 
required for payment and/or payment instruction data 
and/or acknowledgement data are provided with a key 
(the key is appended to the appropriate data, for 
example) and/or are encrypted using a key. Depending on 
the variant embodiment, the key is used to verify 
and/or to decrypt the data which have been encrypted 
using it. 

Installed in the shop of the vendor is a base 
telecommunication station 1. This base 

telecommunication station 1 is advantageously connected 
to an electronic cash register 2, so that the data 
recorded by the cash register 2 ^^xe- transmitted 
directly to the base telecommunication station 1. The 
base telecommunication station 1 is equivalent to the 
base station in a CTS (Cordless Telephony System) with 
a data transmission capability. It can communicate with 
a mobile radio device 3 fey, ma-a-ns — electromagnetic 
waves. In the illustrative embodiment described in this 
case, it is assumed that the mobile radio device 3 is a 
mobile telephone based on the GSM standard. The mobile 
radio device 3 x^tiid also^ be another electronic device, 
however, such as a schedule planner equipped wi - th , me aft» 
for radio transmission of data. However, the use of a 
mobile telephone based on the GSM standard has the 
advantage that no or only very few modifications need 
to be made to the appliance. 
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For the payment operation, the vendor' s base 
telecommunication station 1 transmits to the 
purchaser 9 s^ mobile telephone 3 the data required for a 
payment operation and a key for any encryption of data 
5 to be transmitted which may be performed, ^- ho se. data 
. oompr - icQ -, by way of example, the value of the sum of 
money as transmitted by the electronic cash register 2, 
the telephone number of the base telecommunication 
station or the account number and bank sort code of the 

10 vendor- T-he-cre data a#e- received by the mobile telephone 
3 ancf a^©- displayed using the display 5 on the mobile 
telephone 3. The mobile telephone 3 then requests 
confirmation that the indicated sum of money is to be 
transferred from the account of the owner of the mobile 

15 telephone 3 to the relevant account indicated. The 
confirmation can be given by the user using the input 
unit 4 on the mobile telephone 3. 

Advantageously, the user is then authenticated. 
By way of example, the mobile telephone 3 can request a 

20 specific personal identification number required only 

for transfers, or biometric features of the user can be 

detected, which allows the user to be identified in a 

particularly reliable and simple manner. If the user 

turns out to be authorized, the data required for the 

25 payment operation, or some of - thooe - data, -a^re possibly 

i /i 

encrypted using the key transmitted together with these 
data by the base telecommunication station, and these 
payment instruction data ~ax£-* transmitted by the mobile 
telephone 3 to a .telecommunication device 6 of a 

30 financial institution or bill issuer, and the 
appropriate sum is debited or billed. In this context, 
the payment instruction data can also contain all or 
some of the data required for payment and the telephone 
number of the mobile radio device. It is also possible 

35 for the key just to be transmitted' together with the 
payment instruction data, but not to be used for 
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encryption thereof or for encrypting other data. 

The mobile telephone 3 then transmits 
acknowledgement data to the base telecommunication 
station 1 of the vendor, so that the latter receives 
5 notice of payment for his goods. In addition, the 
telecommunication device 6 of the financial institution 
or bill issuer could also transmit the acknowledgement 
data to the base telecommunication station 1. The 
acknowledgement data provided with or encrypted using 
10 the same key .*a*?e possibly decrypted in the base 

A 

a telecommunication station 1 or in an associated unit 

and, after successful decryption, errrg transmitted to 
f( O the cash register^ which, after successful verification 

^ J^f of the key, issues the receipt and records the sum as 

15 having been paid. In this case, the acknowledgement 
N data may also contain some of the data required for 

' m payment, or. data which describe the type of goods or 

f( H which Qcocribo the price of the goods, and receipt or 

A 

]L processing thereof initiates issue of the goods or 

y 20 provision of the service. 

[J? This possible further encryption of the data 

Q using a key which is transmitted to the mobile radio 

s~ device by the base telecommunication station -jftoa- n - g ^bhe*t- 

the data -^x©- protected from unauthorized access even 
pr * c 

25 when transmitted beyond the mobile radio system^* for 
example*) via the landline network to the server 6f a 
f( bank or bill issuer. 

Figure 2 shows another illustrative embodiment 
of the present, invention. The illustrative embodiment 
30 shown ' in figure ' ^ 2 differs from the illustrative 
embodiment shown in -&ry erne- 1 only in that, when 

A 

performing the payment operation, the mobile telephone 
3 does not transmit the encrypted payment instruction 
data directly to the telecommunication device, of the 
35 financial institute, but instead transmits data 
back to the base telecommunication station 1. The base 
telecommunication station 1 then 



Pi 
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transmits the data to the telecommunication device 6 of 
the financial institution or a bill issuer via a landline 
network connection C or via a mobile radio connection. 

In this case, however, the transmission method 
5 used to transmit the data to the base telecommunication 
device 1 can differ from that used to transmit the data 
to the financial institution in the first illustrative 
embodiment . * \~ 

J lhis mean s t4*arfe, in this case, the vendor makes 
10 his base telecommunication station 1 available to the 
purchaser for transmission of a short message. In this 
way, the payment operation takes a particularly 
□ inexpensive form, since no costs at all arise for the 

m purchaser, and the vendor need merely find the 

IB 15 relatively low charges of the landline network for a 

2 short message. 

In this case, the acknowledgement data for the 
M payment operation can be transmitted to the base 

!U telecommunication station from the mobile radio device 

yj 20 together with the payment instruction data. In 

^ addition, it is also possible for the payment 

instruction data to be interpreted as acknowledgement 
data, so that there is no need for transmission of 
separate acknowledgement data. Furthermore, the 
25 acknowledgement data could be transmitted to the base 
telecommunication station 1 by the financial 
institution. 

Figure 3 shows possible embodiments of the 

mobile radio device 3 in the illustrative embodiments 

30 explained above. The mobile radio device 3 has a 

reception device 7 which receives the data required for 

V\c\b 

payment which -h-arv^- been transmitted by the base 

telecommunication station 1. If — tliti"Sy data are in a 

format which can be used to perform a payment operation 

35 directly, further processing of the data is^, not 

K*g«* re- 
necessary. In. this case, which is not shown in ^i-i^Lu-aee- 

3, the data - are - transferred to an interrogation device 

9 which requests confirmation for the payment 
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•fey — mg^n.s -q^ the display 5 and the input device 4. If 
appropriate, this interrogation device 9 - may also^ be* 
used to authenticate the user, as explained above. If 
the payment has been confirmed and if the authentication 
5 has established that the user is authorized to make the 
payment for which confirmation has been requested, the 
data transferred to the transmission device 10, 

which transmits the data for the payment operation. 
Before transmission, the data are * possibly encrypted 
10 using a digital signal processor. 

In the first illustrative embodiment of the 
present invention, the data are then transmitted 
directly to a telecommunication device 6 of a financial 
institution or bill issuer, whereas in the second 
15 illustrative embodiment, shown in f iyuie 2, the data ^a*ee 
transmitted back to the base telecommunication station 
1. It is also possible for the transmission device 10 to 
transmit acknowledgement data for the payment operation 
^ to the base telecommunication station 1. 

iJ 20 In case the data received from the base 

\& 

r. telecommunication station 1 ^a^e in a different format 

y A 

□ than the format required for the payment operation, the 

mobile radio device 3 is provided with a conversion 
device 8 which converts the data received into a format 

25 which is' suitable for a payment operation. By way of 
example, this conversion device may be provided between 
the reception device 7 and the interrogation device 9, 
as shown in - fiy aiu 3. However, the conversion device 8 
■ may - also^'be provided between the interrogation device 9 

30 and the transmission device 10. 

With regard to the first illustrative 
embodiment, in which the mobile radio device 3 
communicates both with the base telecommunication 
station 1 and with the telecommunication device 6 of a 

35 financial institution or bill issuer, the mobile radio 
device 3 -m^y also (have separate transmission and 
reception 
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devices 7, 10 for communication with the base 

telecommunication device 1 and the telecommunication 

device 6 of the financial institution. Itwrs— meoftfi — fcfeat, 

A 

by way of example, communication with . the base 
communication device 1 could take place J^y- — meaj^-s — ©-£ 
infrared radiation, and communication with the 
telecommunication device 6 of the financial institution 
could take place on the basis of the GSM standard. 

In another application fcJae_^-p^e-s-errt 

invention , the invention is used for withdrawing money 
from a cash machine. In this case, the base 
telecommunication device 1 is a financial institution's 
cash machine, which is connected to the financial 
institution' s central computer — m o ans — enf a landline 
network, line. To withdraw money, a person enters an 
appropriate request on the cash machine. The cash 
machine- sends ^-ferke-s-e data together with a key to the 
mobile radio device 3, which asks the person for 
confirmation for the withdrawal operation. The person 
is then advantageously authenticated Js^y — aican - s — olr the 
mobile radio device 3. If the person has been 
identified" as being authorized and has entered 
confirmation for the withdrawal operation into the 
mobile radio device, the mobile radio device transmits 
data provided with or encrypted using the key to the 
cash machine, so that the latter is informed that the 
money can be paid out. For debiting the sum of money, 
the cash machine communicates with the financial 
institution's central computer via a landline network 
connection. 

. In one particularly simple embodiment of the 

invention, the base telecommunication station compricco 

A * 

an infrared interface based on the IrDA standard and a 

GSM module . The infrared interface and the GSM module 
are connected to the control system usually provided in 
a vending machine or a cash register. In this context, 
the data eefi- also be transmitted via an AT cellular 

A 

interface based on an infrared interface. 
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Infrared beams are then used to transmit to the 
mobile telephone a short message containing, in plain 
text, the question regarding whether the customer wants 
to pay for the requested goods at the requested price, 
and possibly a key number. The short message contains 
data required for payment, optionally a key and the 
telephone number of a "sender". Since the short message 
is generated synthetically by a control system, this 
telephone number can be permanently programmed in the 
vending machine or in the cash register and then 
corresponds to the telephone number of the bill issuer. 
The customer reads the short message and, if he is in 
agreement, generates a "YES" response. On many mobile 
telephones, this is possible with few keystrokes or can 
be simplified ^ by mer arrs — o# SIM Application Toolkit. The 
short message generated by the customer is then sent to 
the "sender" telephone number that is -fe-e — &ay to the 
bill issuer. The bill issuer's service computer puts 
the sum onto the bill of the customer, who is? in turn 
identified by his telephone number contained in his 
short message. The bill issuer's service computer then 
transmits a message for issuing the requested goods to 
the vending machine or to the cash register. This 
message can -be transmitted - by mc-crrro &€- GSM or else via 
a landline network of whatever type or via any desired 
network based on electromagnetic waves. The 
(optionally) transmitted key is checked in the cash 
register or in the vending machine, where it was also 
generated, of course, and the requested goods are 
issued. 

The key is checked or verified by comparing the 
transmitted key with a key stored in the base 
telecommunication station or in an associated unit 
after generation of the key. After successful 
comparison, that is to say if the two keys match, the 
goods paid for are issued or the service paid for. is 
provided. 
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The text below explains another specific 
illustrative embodiment, of the invention: 

A 

- A customer stands before a vending machine 
and presses a button for goods which he wants, or the 

5 customer stands at a cash register. 

- The cash register or the vending machine uses 
infrared beams (for example IrDA) to send a message, 
short message or appropriate data packets to the 
customer' s mobile telephone on the basis of the 

10 Bluetooth standard, a cordless standard or a mobile 
radio standard. Besides all the data reiquired for 
payment, this message contains a key which can be used 
Q on one or more subsequent signal paths to encrypt the 

^ appropriate data. In addition, the message contains the 

jjt 15 telephone number of the bill issuer (billing center) . 

j-j This -may also -(| ,t>e a bank, a network operator or a 

jfj department store chain. 

M= - The message initiates a SIM Application 

!L Toolkit application on the mobile radio telephone, and 

y 20 this application starts a dialogue with the customer. 

\£ The customer is asked: "Do you want to buy a cola at 

n this vending machine for 1.50 euros?" or "Do you want to 

i~ pay DM 123.45 in the groceries department of Hertie?". 

- The softkey "yes" or a specified number 
25 button is used / 5 possibly after a PIN has been 

requested /i to generate a message which contains the 
price, the type of goods, the fc-ei-: — tfu of the vending 
machine or of the cash register and possibly that of 
the customer. .X bcoe 5 data - a i r e- encrypted using the key 

l *j A * 

30 and a - rc=> sent to the billing center. The requesting of a 
PIN, e.g. upward of a particular sum, can be activated 
by the customer . 

- In the billing center, the sum is put onto the 
customer's bill, and a message encrypted using the same 

35 key is transmitted to the vending machine^ which, after 
successful decryption, issues the requested goods, or is 
transmitted to the cash register, which issues the 
receipt and records the sum as having been paid. 
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In this case, the billing center (the bill 
issuer) is not limited to a financial institution. It 

^m^y- also be the network operator, the operator of the 
vending machines or of the cash registers, or a credit 
card company. The acknowledgement data for the payment 
operation <kr not have to be forwarded via a mobile 
radio system, such as the GSM system. The billing 
center can be situated, by way of example, in a large 
department store networked to the cash registers. 

As the key, a randomly generated number can be 
sent back to the bill issuer, and from there to the 
vending machine, with the payment instruction. Since 
the vending machine has generated the key, it is itself 
able to check it. In this context, additional security 

-cafl-also^ be generated by encrypting the entire message 
in a way which is known to the vending machine and to 
the bill issuer. In this case, no encryption need take 
place in the mobile telephone. „ pfe*e*iV~ 

In one variant embodiment of the invention, the 
key is generated by the cash register/the vending 
machine or by the base telecommunication station as a 
random number, since the key is again checked at the 
cash register/the vending machine. The key can 
additionally be changed in the billing center on the 
basis of an algorithm which is known in the cash 
register/the vending machine or in the base 
telecommunication station. If, in addition, the 
connection between the cash registers and the billing 
center is used to change the algorithm on a regular 
basis, misuse of the payment operation is prevented. 



